US hospitals to use AC power probes to treat malware on medical devices

Recent advances in the security world are truly astounding. According to The Register, two US hospitals will begin using a system that can detect malware on medical equipment by monitoring the AC power consumption. The two unnamed hospitals will be the first to test the new WattsUpDoc add-on monitoring system.

WattsUpDoc can check for potentially life-threatening malware running on crucial medical based devices. The developers Benjamin Ransford and Dennis Foo Kune created the platform to use a “traditionally undesirable” power consumption side channel to detect malware threats with great accuracy similar to that of a desktop anti-virus software without the need to modify the hardware or software.

Multiple medical devices can be vulnerable to malware

Hospital devices such as pregnancy monitors, compounders, and picture-storage systems for MRI machines are vulnerable to infection because they are typically connected to an internal network that is, in turn, connected to the Internet. Prototype developer Shane Clark states that even though many medical devices run Windows, they often use custom versions of the operating system that are incompatible with conventional antivirus software.

WattsUpDoc will help secure medical technology from malware

WattsUpDoc was first introduced in a 2013 paper titled WattsUpDoc: Power Side Channels to Nonintrusively Discover Untargeted Malware on Embedded Medical Devices. The developers stated that the need to secure embedded systems without modification is critical for healthcare sectors due to the risk involved as “zombie machinery” is not so easily patched.

Ransford and Kune stated that:

“What you may be able to determine through AC power consumption are things like the computer that is plugged into an outlet, or more interestingly what is that computer doing? We are thinking about those machines that are really hard to patch, really hard to upgrade, and really hard to get inside.”

WattsUpDoc functions through classifiers under a supervised learning condition where the platform can be taught to identify malware, websites, or other computer functions that create feedback over AC. In testing, the platform detected both known and unknown malware with at least 94% and 85% accuracy respectively across different embedded devices.

In a live RSA demonstration, the platform was also able to generate unique power frequency footprints by visiting different websites such as Youtube or Twitter.

On the downside, the two developers also stated:

“A fast and brazen hacker can use their system to spy on machines if they are able to quickly switch a power socket with one that bears the WattsUpDoc monitoring kit”.

Hopefully, the hospitals that trial WattsUpDoc will benefit from it, which would be an important step into developing a tool that can be useful for hospitals worldwide.